1.安装istio

要使用Helm自定义Istio安装,请使用--set <key>=<value>Helm命令中的选项覆盖一个或多个值

怎么使用选项配置请查看官网https://istio.io/docs/reference/config/installation-options/#servicegraph-options

模块说明
https://istio.io/docs/concepts/traffic-management/
https://blog.fleeto.us/post/istio-0.8.0-helm/

  1. certmanager
  2. galley
  3. gateways
  4. global
  5. grafana
  6. istio_cni
  7. istiocoredns
  8. kiali
  9. mixer
  10. nodeagent
  11. pilot
  12. prometheus
  13. security
  14. servicegraph
  15. sidecarInjectorWebhook
  16. tracing
[root@master istio-1.1.]# helm template install/kubernetes/helm/istio \

--name istio --namespace istio-system \

--set sidecarInjectorWebhook.enabled=true \

--set ingress.service.type=NodePort \

--set gateways.istio-ingressgateway.type=NodePort \

--set gateways.istio-egressgateway.type=NodePort \

--set tracing.enabled=true \

--set servicegraph.enabled=true \

--set prometheus.enabled=true \

--set tracing.jaeger.enabled=true \

--set grafana.enabled=true > istio.yaml
[root@master istio-1.1.5]# kubectl create namespace istio-system
[root@master istio-1.1.]# kubectl apply -f istio.yaml

poddisruptionbudget.policy/istio-galley unchanged

poddisruptionbudget.policy/istio-ingressgateway unchanged

poddisruptionbudget.policy/istio-policy unchanged

poddisruptionbudget.policy/istio-telemetry unchanged

poddisruptionbudget.policy/istio-pilot unchanged

configmap/istio-galley-configuration unchanged

configmap/istio-grafana-custom-resources unchanged

configmap/istio-grafana-configuration-dashboards-galley-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-istio-mesh-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-istio-performance-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-istio-service-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-istio-workload-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-mixer-dashboard unchanged

configmap/istio-grafana-configuration-dashboards-pilot-dashboard unchanged

configmap/istio-grafana unchanged

configmap/prometheus unchanged

configmap/istio-security-custom-resources unchanged

configmap/istio configured

configmap/istio-sidecar-injector configured

serviceaccount/istio-galley-service-account unchanged

serviceaccount/istio-ingressgateway-service-account unchanged

serviceaccount/istio-grafana-post-install-account unchanged

clusterrole.rbac.authorization.k8s.io/istio-grafana-post-install-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-grafana-post-install-role-binding-istio-system unchanged

job.batch/istio-grafana-post-install-1.1. unchanged

serviceaccount/istio-mixer-service-account unchanged

serviceaccount/istio-pilot-service-account unchanged

serviceaccount/prometheus unchanged

serviceaccount/istio-cleanup-secrets-service-account unchanged

clusterrole.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-cleanup-secrets-istio-system unchanged

job.batch/istio-cleanup-secrets-1.1. unchanged

serviceaccount/istio-security-post-install-account unchanged

clusterrole.rbac.authorization.k8s.io/istio-security-post-install-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-security-post-install-role-binding-istio-system unchanged

job.batch/istio-security-post-install-1.1. unchanged

serviceaccount/istio-citadel-service-account unchanged

serviceaccount/istio-sidecar-injector-service-account unchanged

serviceaccount/istio-multi unchanged

clusterrole.rbac.authorization.k8s.io/istio-galley-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-mixer-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/prometheus-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-sidecar-injector-istio-system unchanged

clusterrole.rbac.authorization.k8s.io/istio-reader unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-galley-admin-role-binding-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-ingressgateway-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-mixer-admin-role-binding-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-pilot-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/prometheus-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-citadel-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-sidecar-injector-admin-role-binding-istio-system unchanged

clusterrolebinding.rbac.authorization.k8s.io/istio-multi unchanged

role.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged

rolebinding.rbac.authorization.k8s.io/istio-ingressgateway-sds unchanged

service/istio-galley unchanged

service/istio-ingressgateway configured

service/grafana unchanged

service/istio-policy unchanged

service/istio-telemetry unchanged

service/istio-pilot unchanged

service/prometheus unchanged

service/istio-citadel unchanged

service/servicegraph created

service/istio-sidecar-injector unchanged

deployment.extensions/istio-galley configured

deployment.extensions/istio-ingressgateway configured

deployment.extensions/grafana unchanged

deployment.extensions/istio-policy configured

deployment.extensions/istio-telemetry configured

deployment.extensions/istio-pilot configured

deployment.extensions/prometheus unchanged

deployment.extensions/istio-citadel configured

deployment.extensions/servicegraph created

deployment.extensions/istio-sidecar-injector configured

deployment.extensions/istio-tracing unchanged

horizontalpodautoscaler.autoscaling/istio-ingressgateway unchanged

horizontalpodautoscaler.autoscaling/istio-policy unchanged

horizontalpodautoscaler.autoscaling/istio-telemetry unchanged

horizontalpodautoscaler.autoscaling/istio-pilot unchanged

service/jaeger-query unchanged

service/jaeger-collector unchanged

service/jaeger-agent unchanged

service/zipkin unchanged

service/tracing unchanged

mutatingwebhookconfiguration.admissionregistration.k8s.io/istio-sidecar-injector configured

attributemanifest.config.istio.io/istioproxy unchanged

attributemanifest.config.istio.io/kubernetes unchanged

metric.config.istio.io/requestcount unchanged

metric.config.istio.io/requestduration unchanged

metric.config.istio.io/requestsize unchanged

metric.config.istio.io/responsesize unchanged

metric.config.istio.io/tcpbytesent unchanged

metric.config.istio.io/tcpbytereceived unchanged

metric.config.istio.io/tcpconnectionsopened unchanged

metric.config.istio.io/tcpconnectionsclosed unchanged

handler.config.istio.io/prometheus unchanged

rule.config.istio.io/promhttp unchanged

rule.config.istio.io/promtcp unchanged

rule.config.istio.io/promtcpconnectionopen unchanged

rule.config.istio.io/promtcpconnectionclosed unchanged

handler.config.istio.io/kubernetesenv unchanged

rule.config.istio.io/kubeattrgenrulerule unchanged

rule.config.istio.io/tcpkubeattrgenrulerule unchanged

kubernetes.config.istio.io/attributes unchanged

destinationrule.networking.istio.io/istio-policy unchanged

destinationrule.networking.istio.io/istio-telemetry unchanged

如上,使用helm时报这个错误 Helm: Error: no available release name found
Error: release sitewhere failed: namespaces "default" is forbidden: User "system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API group "" in the namespace "default"
错误的原因大概是因为 tiller没有正确的角色权限。
执行以下命令可解决这个问题。

[root@master servicegraph]# kubectl create serviceaccount --namespace kube-system tiller

serviceaccount/tiller created

[root@master servicegraph]# kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller

clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created

[root@master servicegraph]# kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'

deployment.extensions/tiller-deploy patched

2.Prometheus、Grafana、Servicegraph和Jaeger服务创建 Ingress

[root@master istio-1.1.]# vim ingress-istio.yaml

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: prometheus

 namespace: istio-system

spec:

 rules:

 - host: prometheus.istio.io

   http:

     paths:

     - path: /

       backend:

         serviceName: prometheus

         servicePort:

---

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: grafana

 namespace: istio-system

spec:

 rules:

 - host: grafana.istio.io

   http:

     paths:

     - path: /

       backend:

         serviceName: grafana

         servicePort:

---

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: servicegraph

 namespace: istio-system

spec:

 rules:

 - host: servicegraph.istio.io

   http:

     paths:

     - path: /

       backend:

         serviceName: servicegraph

         servicePort:

---

apiVersion: extensions/v1beta1

kind: Ingress

metadata:

 name: tracing

 namespace: istio-system

spec:

 rules:

 - host: tracing.istio.io

   http:

     paths:

     - path: /

       backend:

         serviceName: tracing

         servicePort: 
[root@master istio-1.1.]# kubectl apply -f ingress-istio.yaml

通过 http://grafana.istio.io访问 Grafana 服务
通过http://servicegraph.istio.io访问 ServiceGraph 服务
       http://servicegraph.istio.io/force/forcegraph.html: 这是一个交互式的d3.js可视化
       http://servicegraph.istio.io/dotviz: 静态graphviz可视化.
       http://servicegraph.istio.io/dotgraph: 提供点序列化.
       http://servicegraph.istio.io/d3graph: 为D3可视化提供JSON序列化
       http://servicegraph.istio.io/graph: 提供通用JSON序列化.
通过 http://tracing.istio.io/访问 Jaeger 跟踪页面:
通过 http://prometheus.istio.io/访问 Prometheus 页面:

参考:https://www.sohu.com/a/244910852_684389

helm安装kubernetes的插件istio的更多相关文章

  1. Centos 使用kubeadm安装Kubernetes 1.15.3

    本来没打算搞这个文章的,第一里面有瑕疵(没搞定的地方),第二在我的Ubuntu 18 Kubernetes集群的安装和部署 以及Helm的安装 也有安装,第三 和社区的问文章比较雷同 https:// ...

  2. ARM架构安装Kubernetes集群

    背景 类型 版本 操作系统 CentOS Linux release 7.6.1810 (AltArch) 内核 Linux master 4.18.0-80.7.2.el7.aarch64 硬件配置 ...

  3. Kubernetes-使用Helm安装istio

    添加istio库: helm repo add istio.io https://storage.googleapis.com/istio-release/releases/1.3.4/charts/ ...

  4. kubernetes包管理工具Helm安装

    helm官方建议使用tls,首先生成证书. openssl genrsa -out ca.key.pem openssl req -key ca.key.pem -new -x509 -days -s ...

  5. kubernetes实战(十):k8s使用Helm安装harbor

    1.基本概念 对于复杂的应用中间件,需要设置镜像运行的需求.环境变量,并且需要定制存储.网络等设置,最后设计和编写Deployment.Configmap.Service及Ingress等相关yaml ...

  6. 使用kubeadm安装kubernetes/部署前准备/flannel网络插件/镜像下载/

    本文内容参考<kuberneters进阶实战>/马哥的新书/推荐 部署前的准备 主机名称解析 分布式系统环境中的多主机通信通常基于主机名称进行,这在IP地址存在变化的可能性时为主机提供了固 ...

  7. 使用脚本在Linux服务器上自动安装Kubernetes的包管理器Helm

    Helm之于Kubernetes好比yum之于Red Hat Enterprise Linux,或者apt-get之于Ubuntu. Helm是由helm CLI和Tiller组成,是典型的Clien ...

  8. kubernetes实战篇之helm安装

    系列目录 Helm是kubernetes的应用包管理工具,是CNCF孵化器下的一个项目,主要用来管理 Charts.类似于 Ubuntu 中的 APT 或 CentOS 中的 YUM.它提供了一种简单 ...

  9. Helm 安装部署Kubernetes的dashboard

    Kubernetes Dashboard 是 k8s集群的一个 WEB UI管理工具,代码托管在 github 上,地址:https://github.com/kubernetes/dashboard ...

随机推荐

  1. opencv2.4.9+vs2012安装配置

    需要下载并安装vs2012  http://pan.baidu.com/s/1qXP76CO     第一次启动会提示要求输入激活序列号,请输入:YKCW6-BPFPF-BT8C9-7DCTH-QXG ...

  2. linux下alsa架构音频驱动播放wav格式文件

    #include<stdio.h> #include<stdlib.h> #include <string.h> #include <alsa/asoundl ...

  3. linux 查看服务器序列号(S/N)

    [root@node1~]# dmidecode -t 查看支持的参数 dmidecode: option requires an argument -- 't' Type number or key ...

  4. 使用自己的Python函数处理Protobuf中的字符串编码

    我目前所在的项目是一个老项目,里面的字符串编码有点乱,数据库中有些是GB2312,有些是UTF8:代码中有些是GBK,有些是UTF8,代码中转来转去,经常是不太清楚当前这个字符串是什么编码,由于是老项 ...

  5. springboot启动时过滤不需要注入的类

    在springbootApplication启动类上加入注解 @ComponentScan(excludeFilters = @ComponentScan.Filter(type = FilterTy ...

  6. 6367. 【NOIP2019模拟2019.9.25】工厂

    题目 题目大意 给你一堆区间,将这些区间分成特定的几个集合,使得每个集合中的所有区间的并不为空. 求最大的每组区间的交的长度之和. 思考历程 一开始就认为这绝对是\(DP\)-- 试着找一些性质,结果 ...

  7. idea中添加mysql驱动jia包的方法

    1 将相关jar包拷贝到自己所建的lib 文件夹下  如下图所示 2   选中自己的module  接着选择Project Structure 如下图 3 接着如下图继续操作 如上图完成后  那么我们 ...

  8. Android中的APK,TASK,PROCESS,USERID之间的关系

    开发Android已经有一段时间了,今天接触到底层的东西,所以对于进程,用户的id以及Android中的Task,Apk之间的关系,要做一个研究,下面就是研究结果: apk一般占一个dalvik,一个 ...

  9. javascript es6 语法快速入门

    1. let.const 作用:let 声明变量,const 声明常量 与 var 的区别:不能重复声明,且存在块级作用域,即只在代码块内生效 2. 箭头函数 使用: let show = funct ...

  10. 22-MySQL-Ubuntu-备份与恢复

    案例: 将数据库jing_dong_1的数据库备份,然后恢复到数据库jing_dong_2; 步骤如下: 1.备份 注意: mysqldump 不是 mysql; 尖括号的方向; python.sql ...